Two cryptocurrency-related security incidents occurred during the past couple of days, adding to the rising number of attacks that target digital currency. One of these incidents saw the Italian exchange Bitgrail reportedly fall victim to fraudulent transactions, while a second incident involves the Coinhive Miner (Detected by Trend Micro as Coinminer_MONERO.THBO-JS), which emerged as one of the most prevalent malware worldwide, being used to hijack thousands of websites.

Bitgrail vs. Nano

In a notice posted on their website, Bitgrail announced that the exchange lost up to $195 million worth of Nano cryptocurrency tokens to hackers pulling off fraudulent transactions. Apparent details of the attack were posted on the CryptoCurrency subreddit, noting that a bug was found on the exchange’s withdraw page, where users could run a manual java-script to send a request for a withdrawal amount greater than what was contained in their account.

The announcement itself was not without issues, as Nano published their own statement noting that the team did not detect any double spending in the ledger and that the loss itself was unlikely to have happened due to the Nano protocol. Instead, the group pointed out that the problem likely originated from Bitgrail’s software.

Further complicating the incident is the alleged issue of Bitgrail’s insolvency. Nano mentioned the issue in their statement, which they identified as the likely reason for the exchange’s announcement. In fact, the Nano team went so far as to say that Bitgrail operator and owner Francesco Firano has been misleading both the team and the Nano community.

This highly controversial incident occurred just a couple of weeks after the cryptocurrency known as Nano was rebranded from RaiBlocks.

Coinhive miner spreads via disability support plugin

A large number of sites, including the official webpages of US and UK organizations, were compromised and injected with the cryptocurrency miner known as Coinhive in order utilize the computer resources of website visitors for mining operations. All of these websites used a plugin known as Browsealoud, which assists blind users via voice reading. Attackers apparently managed to compromise the plugin and inject Coinhive, which will use computer resources of the compromised website's visitors to mine cryptocurrency.

Fortunately, the miner will stop working when the website is closed, thus disabling it. However, given the number of compromised websites — up to 4,200 according to some sources — a large number of users may unwittingly be victimized.

Another day, another cryptocurrency issue

It seems that new security issues involving cryptocurrency are being reported each day. From miners and fraudulent transactions to phishing and ransomware, cryptocurrency attacks are not limited to a single kind. While the Coinhive incident seems to be a straightforward miner attack, the issue with Bitgrail and Nano seems quite a bit more complicated, even going beyond security issues.

The key issue here is that cryptocurrencies deal with a large number of issues when it comes to security. While the recommended best practices to address these can help, users should also be aware of the possible security implications that may arise when dealing with cryptocurrencies.

Users can also look into comprehensive security solutions that can protect them from cryptocurrency mining malware. Trend Micro™ Smart Protection Suites delivers several capabilities such as high-fidelity machine learning, web reputation services, behavior monitoring and application control, and vulnerability shielding that minimize the impact of threats that target cryptocurrency.

2017 MIDYEAR SECURITY ROUNDUP

2018 SECURITY PREDICTIONS

Today's increasingly interconnected environments pave the way for threats that will bank on systems' weaknesses for different forms of cybercrime. How can you prepare for the year ahead?View the 2018 Security Predictions